JP2017208718A - Communication device and communication method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To prevent fragmentation at a communication device without increasing burdens on a network manager and users at a time of overlaying from a layer-2 network to a layer-3 network.SOLUTION: A communication device for overlaying communication between hosts on a layer-2 network to a layer-3 network manages first MTU length of each communication path for a plurality of communication paths on the layer-3 network, finds second MTU length on the basis of information added when overlaying communication between the hosts on the layer-2 network via the plurality of communication paths, and notifies the hosts of the second MTU length.SELECTED DRAWING: Figure 2

Description

  The present invention relates to a communication apparatus and a communication method, and more particularly, to a communication apparatus and a communication method for overlaying a layer 2 network on a layer 3 network.

  In recent years, there has been an increasing demand for infrastructure that can accommodate multiple tenants (user organizations and their systems) on a large scale and efficiently in a data center or the like due to server consolidation / consolidation and cloudization. As one of methods for realizing an infrastructure that accommodates a plurality of tenants on a large scale and efficiently, there is an overlay method for constructing a logical layer 2 network on an existing layer 3 network. In the overlay method, tunnel communication for encapsulating a layer 2 Ethernet (registered trademark) frame into a layer 3 IP packet is performed between virtual switches. Such overlay methods include VXLAN (Virtual Extensible VLAN) and GRE (Generic Routing Encapsulation).

  As a communication system that distinguishes and manages a network for each user such as a company or a group using a virtual network such as an overlay, there is a technique disclosed in Patent Document 1. When a virtual network such as an overlay is used, there is a possibility that the performance bottleneck may be improved by adjusting the number of packets that should be encapsulated by adjusting the MTU (Maximum Transmission Unit) of the packet. Whenever a computing unit connects to a VPN (Virtual Private Network) and the network connection device queries the network control device for the MTU corresponding to the VPN, a bottleneck caused by the MTU query becomes a problem.

  Patent Document 1 aims to reduce this performance bottleneck, and executes a computing unit that transmits communication data by a plurality of packets and packet processing for transmitting the packets via a virtual network. In the communication system including the communication unit, the computing unit determines the size of the transmission packet based on the packet size selected based on the information on the transfer path of the transmission packet to be transmitted to the communication unit from a plurality of packet size candidates. Techniques for adjustment are disclosed.

WO2014 / 050091 (Special Table No. 2015-533045)

  The invention described in the cited document 1 is an invention that aims to reduce MTU queries that are made each time a computing unit connects to a VPN (Virtual Private Network), and it is an object to suppress fragmentation. Not.

For example, when a layer 2 network that communicates using an Ethernet (registered trademark) frame is overlaid on a layer 3 network, the Ethernet (registered trademark) transmitted from the host is normally used when performing the encapsulation process in the virtual switch.
Encapsulation header information for tunnel is added to the frame. For this reason, even if the frame transmitted by the host does not exceed the MTU length of the communication path set for the host, the header information is added in the virtual switch to exceed the MTU length of the communication path. Packet fragmentation may occur. Fragment means that when an MTU, which is a packet length that can be transmitted at a time on the network, is exceeded, the original packet is divided and transmitted so as to fit in the MTU.

  In this way, when a host sends a frame with the MTU length of the communication path without knowing that the tunnel encapsulation header information is added in a communication device such as a virtual switch, such a frame is received. Each time the communication device needs to perform fragment processing on the frame after the header information is added, the communication device frequently repeats packet division / reconstruction. The performance of the device may be reduced. Further, since the packet is divided, the packet transfer efficiency may be reduced due to an increase in the number of packets. Further, when any of the divided packets is damaged, it is impossible to reconstruct the packet. Further, when packet division is prohibited (DF (Don't Fragment) bit in the packet is valid), the result is that the packet cannot be transferred without performing fragment processing in the communication device. However, when the layer 2 network is overlaid on the layer 3 network, there is no means for the host to know that the packet cannot be transmitted beyond the MTU because the encapsulation header information is added in the communication device. From the point of view, it is impossible to know the cause of not reaching the other party no matter how many frames are transmitted.

  In order to avoid such a problem, there is a construction method in which an MTU is set in advance assuming various cases for all communication paths of the communication device when the network environment is constructed. It becomes a factor which makes it complicated and difficult.

  Another way to avoid fragmentation is to increase the MTU on the Layer 3 network, but for public networks, MTU changes are risky. In the case of a general Ethernet (registered trademark) environment, a communication device in the layer 2 network may be required to support jumbo frames.

  On the other hand, when the packet length is reduced so as not to exceed the MTU without changing the MTU on the layer 3 network, the MTU is different for each communication path, so the network administrator / user can manage the MTU for each communication path. Doing so increases the burden on the network administrator / user.

  The present invention has been made to solve the above-described problem, and it is an object of the present invention to prevent fragmentation in a communication apparatus without increasing the burden on a network administrator / user when overlaying from a layer 2 network to a layer 3 network. And

  In order to solve the above-described problem, the present invention, as an example, in a communication apparatus that overlays communication between hosts of a layer 2 network on a layer 3 network, for a plurality of communication paths in the layer 3 network, The MTU length is managed, a second MTU length is obtained based on information added when communication between hosts of the layer 2 network is overlaid via a plurality of communication paths, and the obtained second MTU length is transmitted to the host. It is a notification.

  In addition, when the packet length after adding information to be added to the packet received from the host in the communication apparatus exceeds the first MTU length, the second MTU length is notified to the host that has transmitted the packet. It is what I did.

  More specifically, the second MTU length is included in a message created based on the ICMP (Internet Control Message Protocol) format and notified.

  The second MTU length is a value obtained by subtracting the information to be added from the first MTU length.

  According to the present invention, when overlaying from a layer 2 network to a layer 3 network, it is possible to prevent fragmentation in the communication device without increasing the burden on the network administrator / user.

It is a figure explaining the structure of the communication network overlaid from a layer 2 network to a layer 3 network. It is a figure explaining the structure of the communication apparatus in one Example of this invention. It is a sequence diagram explaining the process of the communication between hosts of the overlay network in one Example of this invention. It is a flowchart explaining the process of the MTU management part of the communication apparatus in one Example of this invention. It is a flowchart explaining the process of the MTU management part of the communication apparatus in one Example of this invention. It is a figure which shows the packet edit result log in one Example of this invention. It is a figure which shows the MTU management table in one Example of this invention. It is a figure which shows the MAC address table in one Example of this invention.

  Hereinafter, embodiments of the present invention will be described with reference to FIGS. Note that the same reference numerals are assigned to substantially the same parts, and description thereof will not be repeated.

FIG. 1 is a diagram illustrating a configuration of a communication network that overlays a layer 2 network to a layer 3 network.
A configuration for overlaying a layer 2 network to a layer 3 network will be described with reference to FIG.
FIG. 1 shows a communication network overlaid from the layer 2 network 120 to the layer 3 network 130. By overlaying the layer 3 network by the host 101-1 to the host 101-n and the communication device 111 of the layer 2 network. Are connected to a layer 2 network having the communication device 112 and the hosts 102-1 to 102-n.

  The host 101 and the communication device 111, the host 102 and the communication device 112 are connected together, and belong to the layer 2 network 120. The communication device 111 is connected to the destination communication device 112 via the layer 3 network 130.

  The hosts 101 and 102 are computer devices such as PCs (personal computers) that communicate with the communication device 111 and the communication device 112, respectively. The communication device 111 is a gateway device to the layer 3 network 130 such as a virtual switch. The communication device 111 and the communication device 112 transfer the frames received from the hosts 101 and 102 via the layer 3 network 130 to the communication device 112 that is the transmission destination. Note that the communication devices 111 and 112 perform tunnel communication using the overlay method when passing through the layer 3 network 130.

FIG. 2 is a diagram for explaining the configuration of a communication apparatus according to an embodiment of the present invention.
The configuration of the communication device 111 will be described with reference to FIG. The communication device 112 in FIG. 1 has the same configuration.
The communication device 111 includes a packet communication unit 200, a communication control unit 240, a packet editing unit 210, an MTU management unit 220, an MTU management table 250, a MAC address table 260, and a packet editing result log 230.

The packet communication unit 200 performs packet transmission / reception.
The communication control unit 240 performs control related to communication, for example, control corresponding to basic operation control of a switch or a router. The communication control unit 240 creates / updates the MAC address table 260 when a packet is transmitted / received.

FIG. 8 shows a MAC address table in one embodiment of the present invention.
The configuration of the MAC address table 260 is as shown in FIG. 8, and includes a MAC address 800, an L3 network side IP address 810, a host side port number 820, and a host side VLAN ID 830. The MAC address table 260 is a table that is referred to when the MTU management table 250 is created.

  Returning to FIG. 2, the packet editing unit 210 refers to and edits the contents of the packet received by the packet communication unit 200. Also, when encapsulating a packet, header information based on the applied overlay method is added and deleted. Also, when the packet length exceeds the MTU length of the target route, an error message based on the ICMP protocol (Internet Control Message Protocol) format is created and transmitted, and the content of the transmitted error message is registered in the packet editing result log 230 The process to do is also performed.

  The MTU management unit 220 creates / updates the MTU management table 250 that manages the MTU length of the target route for each communication path, and the MTU length for each communication path managed by the MTU management table 250 and the packet editing unit. Based on the header length added to the packet in 210, the MTU length to be satisfied by the received packet (the MTU length to be satisfied by the transmission packets from the hosts 101 and 102) is calculated.

FIG. 7 shows the configuration of the MTU management table in one embodiment of the present invention.
The configuration of the MTU management table 250 is as shown in FIG. 7, and the destination IP address 710 uses the destination MAC address held in the packet to search the corresponding MAC address 800 from the MAC address table 260, and the MAC address. The L3 network side IP address 810 corresponding to the address 800 is extracted and registered in the destination IP address 710. The MTU length 720 registers the MTU length of the target route. There is Path MTU Discovery (RFC 1191) (hereinafter referred to as PMTUD) as an existing technique for examining the smallest MTU on a communication path. The MTU management unit 220 updates the MTU length 720 if there is a notification of the MTU length by PMTU for the MTU length of the target route. Further, the packet length obtained by adding the header length added by the packet editing unit 210 to the packet length received via the packet communication unit 200 is compared with the MTU length of the target route.

FIG. 3 is a sequence diagram for explaining the inter-host communication process of the overlay network in one embodiment of the present invention.
A processing sequence of communication between the host 1 (101) and the host 2 (102) in the communication network of FIG. 1 will be described with reference to FIG. Note that the MTU lengths of the communication paths of the host 1 (101), the communication device 1 (111), the communication device 2 (112), and the host 2 (102) are 1500 bytes as an example.

When the host 1 (101) transfers a packet to the host 2 (102), the packet is first transmitted to the communication device 1 (111) (300). The communication apparatus 1 (111) refers to the MTU management table, and compares the size of the received packet plus the header length necessary for encapsulation with the MTU length of the communication path (310). As a result of comparison, if the size of the received packet plus the header length necessary for encapsulation is larger than the MTU length of the communication path, a message according to the ICMP protocol format is created, and the host 1 (101 ) Notifies the host 1 (101) of an error message in which the MTU length to be satisfied by the transmission packet from (1) is embedded (320). Details are shown in FIG. 4 and will be described later.
The host 1 (101) retransmits the packet to the communication apparatus 1 (111) by adjusting the packet length to the MTU length to be satisfied by the transmission packet from the host 1 (101) extracted from the received error message (330).

  If the packet length of the packet received from the host 1 (101) does not exceed the MTU length of the destination communication path of the packet (340), the communication apparatus 1 (111) performs packet encapsulation processing ( 350), the packet is transmitted to the communication apparatus 2 (112) (360). Similarly to the processing 310 and processing 340 in the communication device 2 (112), the packet length of the packet received from the communication device 1 (111) via the communication path with reference to the MTU management table and the MTU length of the communication path of the packet (370), if the packet length does not exceed the MTU length of the communication path, the information added in the encapsulation process (350) is deleted (380), and the packet is transmitted to the host 2 (102) (390). .

FIG. 4 is a flowchart for explaining the processing of the MTU management unit of the communication apparatus according to an embodiment of the present invention.
Referring to FIG. 4, the packet length after adding header information added by packet editing unit 210 to the received packet length in MTU management unit 220 of communication device 111 or communication device 112 is compared with the MTU length of the communication path, and received. An error notification processing flow of the packet editing unit 210 when the packet length after adding header information added by the packet editing unit 210 to the packet length exceeds the MTU length of the communication path will be described.

First, the MTU management unit 220 extracts the MTU length of the communication path corresponding to the destination IP address of the received packet from the MTU management table 250 shown in FIG. 7 (S400).
The MTU management unit 220 compares the extracted MTU length with the packet length of the received packet and the size obtained by adding the header length that needs to be added when the packet editing unit 210 encapsulates the packet (S410). If the size of the received packet plus the header length is equal to or smaller than the extracted MTU length of the communication path, the packet can be transferred as it is (S420).

  If the MTU management unit 220 determines that the size of the received packet plus the header length is larger than the MTU length of the extracted communication path, the packet editing unit 210 uses the ICMP protocol format. The error message is notified to the host 1 (101). The packet editing unit 210 creates the following error message using the ICMP protocol format. First, 3 (Destination Unreachable) is set in the Type field of ICMP, and 4 (Fragmentation needed and Don't Fragment was set) is set in the Code field. In the Next-Hop MTU field, the packet length obtained by subtracting the header length necessary for packet encapsulation in the packet editing unit 210 from the MTU length of the corresponding communication path stored in the MTU management table 250 of the communication apparatus 1 (111). Is calculated and set as the MTU length to be satisfied by the host 1 (101).

  In response to an error message created by the packet editing unit (210) of the communication apparatus 1 (111) using the ICMP protocol format, the transmitted packet of the host 1 (101) is the transmission packet of the MTU length (host 1 (101)). Therefore, the host 1 (101) can set the packet length not exceeding the MTU length to be satisfied by the transmission packet of the host 1 (101). Further, the packet editing unit 210 sets the IP address of the host 2 (102) in the transmission source IP address field of the IP header of the error message using the ICMP protocol format, so that the host 1 (101) is as if the host 1 (101) is a host. 2 (102), it is possible to hide the communication device (111) in the middle of the route so as not to be seen as a layer 3 device (S430). Finally, the packet editing unit 210 registers the content of the error message transmitted to the packet editing result log 230 (S440). Details of the packet editing result log 230 are shown in FIG. 6 and will be described later.

  Note that the MTU length in S400 of FIG. 4 can be set in advance instead of extracting the MTU length of the communication path corresponding to the destination IP address of the packet from the MTU management table 250. By setting the MTU length of the communication path to a fixed value, the process of extracting the MTU length set in the communication path becomes unnecessary, and the processing efficiency of the communication apparatus (111) is improved.

FIG. 5 is a flowchart for explaining the processing of the MTU management unit of the communication apparatus according to an embodiment of the present invention.
FIG. 5 shows and describes a processing flow in which the MTU length of the communication path is a fixed value.
A fixed value is set for the MTU length (S500). The fixed value can be set, for example, in the configuration of the communication device (111). The subsequent operations from S510 to S540 are the same as S410 to S440 in FIG.

FIG. 6 is a diagram showing a packet editing result log in one embodiment of the present invention.
The configuration of the packet editing result log 230 will be described with reference to FIG.
The date and time 600 is the date and time registered in the packet editing result log 230, the packet length 610 is the packet length of the packet transmitted to the communication device (111), the encapsulation header length 620 is the header length necessary for packet encapsulation, and the MTU The length 630 is the MTU length of the packet destination route, the source IP address 640 is the source IP address set in S430 of FIG. 4, the destination IP address 650 is the destination IP address set in S430 of FIG. 4, and Next-Hop. As the MTU length 660, the Next-Hop MTU length (MTU length to be satisfied by the transmission packet of the host) set in S430 of FIG. 4 is registered. These log information can be used as cause analysis information when some trouble occurs on the network.

The effects of the embodiment described above include the following.
Path MTU Discovery (RFC 1191) (PMTUD) is an existing technique for examining the smallest MTU on a communication path. However, a PMTUD cannot be originally used for a communication device in a layer 2 network of an overlay network. . However, in the present invention, with the above configuration, it is possible to notify the host of the MTU length to be satisfied by the packet transmitted by the host.

  Further, the present invention notifies the host not of the MTU length of the communication path itself but of the MTU length considering the addition of the tunnel encapsulation header information as the MTU length to be satisfied by the packet transmitted by the host. Packet fragmentation in the device can be prevented.

  When notifying the host of the MTU length, by setting the source IP address of the packet to the IP address of the destination host, the advantages of the overlay method without revealing the presence of communication devices in the middle of the path when viewed from the host The MTU length to be satisfied by the packet transmitted by the host can be notified to the host while keeping the above.

  Further, by saving the packet editing result, it is possible to prepare for a solution means when a problem occurs.

101, 102 ... hosts 111, 112 ... communication device 120 ... layer 2 network 130 ... layer 3 network 200 ... packet communication unit 210 ... packet editing unit 220 ... MTU management unit 230 ... Packet editing result log 240 ... Communication control unit 250 ... MTU management table 260 ... MAC address table

Claims (12)

A communication device that overlays communication between hosts in a layer 2 network on a layer 3 network,
The communication device manages a first MTU length for each communication path for a plurality of communication paths in a layer 3 network, and overlays communication between hosts of the layer 2 network via the plurality of communication paths. A second MTU length is determined based on the information to be added
A communication apparatus that notifies the host of the second MTU length. The communication device according to claim 1,
In the communication device, when the packet length after adding the information to be added to the packet received from the host exceeds the first MTU length in the communication device, to the host that has transmitted the packet A communication apparatus that notifies the second MTU length. The communication device according to claim 2,
The communication apparatus notifies the second MTU length included in a message created based on an ICMP (Internet Control Message Protocol) format. The communication device according to any one of claims 1 to 3,
The second MTU length is a value obtained by subtracting the information to be added from the first MTU length. The communication device according to any one of claims 1 to 4,
The communication apparatus updates the first MTU length when receiving information on the first MTU length via the layer 3 network. The communication device according to any one of claims 1 to 4,
The communication apparatus characterized in that the first MTU length is a preset value. A communication method for overlaying communication between hosts of a layer 2 network on a layer 3 network,
Information added when managing the first MTU length for each communication path and overlaying communication between hosts of the layer 2 network via the plurality of communication paths for a plurality of communication paths in the layer 3 network To obtain a second MTU length based on
A communication method of notifying the host of the second MTU length. The communication method according to claim 7, wherein
When the packet length after adding the information to be added to the packet received from the host exceeds the first MTU length, the second MTU length is notified to the host that has transmitted the packet. A communication method characterized by the above. The communication method according to claim 8, comprising:
A communication method comprising: notifying the second MTU length in a message created based on an ICMP (Internet Control Message Protocol) format. The communication method according to any one of claims 7 to 9,
The second MTU length is a value obtained by subtracting the information to be added from the first MTU length. The communication method according to any one of claims 7 to 10,
The communication method according to claim 1, wherein the first MTU length is updated when information on the first MTU length is received via the layer 3 network. The communication method according to any one of claims 7 to 10,
The communication method according to claim 1, wherein the first MTU length is a preset value.

Images